Introduction to Logging with Elastic Cloud + Security Analytics

BCBSNC - 4613 University Drive – Bldg 450 Durham Triangle
Wed, Nov 1, 2017, 5:00 PM (EDT)

About this event

Join us for our next meetup on Wednesday, November 1 at BCBSNC in Durham. Food & beverages will be provided. Thank you to BCBSNC for hosting us!

Doors open at 5pm and we'll have two talks for the evening on Logging with Elastic Cloud and Security Analytics with the Elastic Stack. 

Logging with Elastic Cloud

Quick introduction to getting your logs and events to Elastic Cloud, formatting them to fit the way your company works, and visualizing the information.  The example will cover a data source that is not supported out of the box so that you can see how to approach your own data sources.  We won't go into every detail during the session, but the configs are well documented and will be available to you.

Dan Roscigno: I have worked in tech since the '90s, and in Ops / DevOps since 2001. I enjoy integrating systems with each other to squeeze information from raw data. I started using Logstash a few years ago, fell in love with it, and pushed for standardizing its use in my org.

Developer, Large Hadron Collider visualization, CERN / University of Florida, 1996 - 2000

Lead operations engineer, AT&T Wireless Network Services, 2001 - 2005

Senior Technical Staff Member, Micromuse, 2005 - 2006

Operations Engineer, IBM, 2006 - 2017

Security Analytics with the Elastic Stack 

Kent's presentation will discuss using the Elastic Stack and X-Pack for Security Analytics. The machine learning capabilities of X-Pack can be used to automate the detection of anomalies in time series data (security logs) that correspond to cyber attack behaviors.  From data exfiltration to malware command and control activity, hear how you can put Elastic Machine Learning to work for you to detect hard-to-find attack activity as anomalies before security incidents progress too far. 

Kent Brake is a Solutions Architect based in Richmond, VA. At Elastic, Kent works with DoD and commercial partners with a focus on security analytics. Before joining Elastic, Kent spent 9 years building Cloudmark-based messaging security solutions with customers like AT&T, Facebook and FireEye.

When

Wednesday, Nov 1
5:00 PM - 8:00 PM (EDT)

Where

BCBSNC
4613 University Drive – Bldg 450 Durham